cephadm: Add shell '--mount' option to mount host file or directory#34773
Conversation
mgfritch
left a comment
There was a problem hiding this comment.
I really want to avoid adding an additional argument, but I don't see a safe way to pass secrets (via the environment, cmdline, or otherwise)
matthewoliver
left a comment
There was a problem hiding this comment.
I needed this exact option today to modify the ceph crushmap in ses7. As you need the compiled crushmap in the cephadm shell container to be able to run crushtool on it. When I applied these changes:
master:~ # ceph osd getcrushmap -o cm.compiled
master:~ # cephadm shell --mount ./
[ceph: root@master /]# crushtool -d /mnt/cm.compiled -o /mnt/cm.txt
master:~ # ls
bin cm.compiled cm.txt
It worked perfectly. Big +1 from me.
2de2034 to
fbbd091
Compare
|
@mgfritch @matthewoliver I've updated this PR to always mount the file or directory under - mounts[pathify(args.mount)] = '/mnt/{}:z'.format(args.mount)
+ mount = pathify(args.mount)
+ filename = ''
+ if os.path.isfile(mount):
+ _, filename = os.path.split(mount)
+ mounts[mount] = '/mnt/{}:z'.format(filename) |
|
I don't have a good answer here. Maybe we can by default also mount |
fbbd091 to
e79be56
Compare
@sebastian-philipp I've updated this PR to mount |
e79be56 to
543bfe2
Compare
There was a problem hiding this comment.
Nice, I like this alot more. Now we don't have to assume the --mount option to make changes to things, only if you want to mount something other then cwd. Making it much easier to use.
Run it and you still have access to your current directory.
One thought. When I run cephadm shell it always dumps me in / I wonder if we should get it to dump us in /mnt now that it'll always be mounted. It'll make workflows easier maybe?
Though this could be a follow up patch, kind out of scope.
Maybe something like this will do it:
diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm
index 23c838e79b..56bdcfcdd2 100755
--- a/src/cephadm/cephadm
+++ b/src/cephadm/cephadm
@@ -2767,6 +2767,7 @@ def command_shell():
'-it',
'-e', 'LANG=C',
'-e', "PS1=%s" % CUSTOM_PS1,
+ '-w', '/mnt',
]
if args.fsid:
home = os.path.join(args.data_dir, args.fsid, 'home')
Of course making it something like ~/ might also be as useful. Anyway just a NIT not a blocker.
UPDATE: Just tested that ^^ locally and it worked for me.
I don't have a good answer here. Maybe we can by default also mount
$PWD? > > @sebastian-philipp I've updated this PR to mount$PWDwhen no--mountoption is specified. Also, I've now documented the--mountbehavior oninstall.rst. Are we sure we want to default mount$PWDrather than forcing this option to be explicit? This could leave random files laying around in random places on the container host ...
Are we sure we want to default mount |
|
I am also not very happy about default mount $PWD. If this form does not look very convenient: Then may be we can a provide a possibility to specify this like: Which would be preparsed by the cephadm and converted to the first form automatically? |
bf220f3 to
d3e92c0
Compare
|
I've updated this PR to NOT mount |
| filename = '' | ||
| if os.path.isfile(mount): | ||
| _, filename = os.path.split(mount) | ||
| mounts[mount] = '/mnt/{}:z'.format(filename) |
There was a problem hiding this comment.
| filename = '' | |
| if os.path.isfile(mount): | |
| _, filename = os.path.split(mount) | |
| mounts[mount] = '/mnt/{}:z'.format(filename) | |
| mounts[mount] = '/mnt/{}:z'.format(os.path.basename(mount)) |
this doesn't work with symlinks, char/block devs, etc.
maybe just use the basename instead?
Fixes: https://tracker.ceph.com/issues/45284 Signed-off-by: Ricardo Marques <rimarques@suse.com>
d3e92c0 to
71c58f1
Compare
|
@sebastian-philipp rebased |
The Problem:
I have a file on my host, that I would like to use to set a "config-key":
But when I try to use that file, I get an error because the file is not accessible inside the container:
Proposed Solution
Add a new
--mountoption tocephadm shell, that allows to mount a host file or directory:Fixes: https://tracker.ceph.com/issues/45284
Signed-off-by: Ricardo Marques rimarques@suse.com
Checklist
Show available Jenkins commands
jenkins retest this pleasejenkins test classic perfjenkins test crimson perfjenkins test signedjenkins test make checkjenkins test make check arm64jenkins test submodulesjenkins test dashboardjenkins test dashboard backendjenkins test docsjenkins render docsjenkins test ceph-volume alljenkins test ceph-volume tox